You have a W32/FakeAlert-variant (AKA W32/FakeXPA) infection, most likely
accompanied by Vundo- and SDBot-variant infections, all of it "protected" by
a rootkit infection. The fact that none of the scanning you've done so far
detected all this is a testament to the rootkit's severity & power!
Option 1: Run a more-thorough check for hijackware, including posting the
requested logs in an appropriate forum.
Checking for/Help with Hijackware
http://aumha.net/viewtopic.php?f=30&t=4075
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://www.elephantboycomputers.com/...moving_Malware
**Seek expert assistance in
http://spywarehammer.com/simplemachi...php?board=10.0,
http://forums.spybot.info/forumdisplay.php?f=22,
http://www.dslreports.com/forum/cleanup,
http://aumha.net/viewforum.php?f=30
or other appropriate forums.**
Option 2: If the procedures look too complex - and there is no shame in
admitting this isn't your cup of tea - take the machine to a local,
reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad) computer
repair shop.
Option 3: Backup your personal data, then do a format & clean install of
Windows. Please note that a Repair Install will NOT fix this!
After the clean install, you'll have the equivalent of a "new computer" so
take care of everything on the following page before otherwise connecting
the machine to the internet or a network or using a USB key that isn't
brand-new or hasn't been freshly formatted:
5 steps to help protect your new computer before you go online
http://www.microsoft.com/protect/com...nced/xppc.mspx
Also see.
Steps To Help Prevent Spyware
http://www.microsoft.com/protect/com...e/prevent.mspx
Security FAQ & Checklist
http://www.dslreports.com/faq/8463
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002
Dipen wrote:
> I am using XP professional with SP3 installed. Recently while i tried to
> update windows it is not working. I reach up to the step wherein i choose
> Express/Custom option, the udate scroll starts for few seconds and the
> error
> message pops!
>
> I went through Windows knowledge base Article ID 910336 and tried to
> resolve
> it. This didn't work. In the very first step i find "Autoupdate" stopped
> rather then me to stop it manually !
>
> I went through other posts also and tried to run all kind of scans to see
> if
> my PC is infected. I used Norton IS 2009, Onecare Protection scan,
> malwarebyte's antimalware, Super Antispyware, MSRT March edition, SpyBot
> Search & destroy ! None of these finding any infections ! I even ran
> "ComboFix" i dont know whether i did right or wrong running "ComboFix"?
> However while running Combofix i saw it notifying me to disable "Cyber
> Defender Internet Security" i dont know where it came from ? i dont find
> it
> installed in my PC ! Is it installed by Norton Internet Security 2009 ?
>
> Other associated problems...I tried to update IE8RC1 to IE8 final
> version...it also fails repeatedily. I find NIS 2009 identifying spam
> emails
> being sent from my Outlook express to various ids without my knowledge.
> This
> happens only when i connect internet through Dial up connection ! While
> using LAN and Proxy it doesnt appear !
>
> So friends, i have listed here all what i can gather... just help me set
> right my Windows to get updates...and IE8 to get installed !
>
> Thanks for going through my long query !
>
> Dipen
Linear Mode
